Fedora EPEL 5 updates-testing report

updates at fedoraproject.org updates at fedoraproject.org
Fri Mar 18 19:28:18 UTC 2011


The following Fedora EPEL 5 Security updates need testing:

    https://admin.fedoraproject.org/updates/perl-File-FcntlLock-0.12-1.el5.1,perl-Mail-Box-2.097-1.el5.1
    https://admin.fedoraproject.org/updates/rt3-3.6.10-2.el5
    https://admin.fedoraproject.org/updates/cgit-0.9-1.el5
    https://admin.fedoraproject.org/updates/clamav-0.97-11.el5
    https://admin.fedoraproject.org/updates/389-admin-1.1.15-1.el5


The following builds have been pushed to Fedora EPEL 5 updates-testing

    clamav-0.97-11.el5
    cvsps-2.2-0.8.b1.el5
    drupal6-authfas-0.2.2-1.el5
    drupal6-authfas-0.2.3-1.el5
    drupal6-feeds-1.0-0.6.beta10.el5
    dwarves-1.9-2.el5
    pam_afs_session-2.2-4.el5
    perl-VOMS-Lite-0.12-1.el5
    rxtx-2.2-0.4.20100211.el5

Details about builds:


================================================================================
 clamav-0.97-11.el5 (FEDORA-EPEL-2011-2844)
 Anti-virus software
--------------------------------------------------------------------------------
Update Information:


https://www.redhat.com/archives/epel-devel-list/2011-March/msg00075.html




https://www.redhat.com/archives/epel-devel-list/2011-March/msg00075.html



https://www.redhat.com/archives/epel-devel-list/2011-March/msg00075.html



--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Jan-Frode Myklebust <janfrode at tanso.net> - 0.97-11
- Delete /var/lib/clamav/mirrors.dat, it will be recreated on first run.
- clamav-milter config cleanups.
* Wed Mar 16 2011 Jan-Frode Myklebust <janfrode at tanso.net> - 0.97-10
- Make sure /var/lib/clamav/mirrors.dat has owner fixed on upgrade.
- Don't start clamd or milter service by default.
* Tue Mar 15 2011 Jan-Frode Myklebust <janfrode at tanso.net> - 0.97-7
- rpm-provide all old package names that are now obsoleted
* Mon Mar 14 2011 Jan-Frode Myklebust <janfrode at tanso.net> - 0.97-6
- clam-db obsoletes old clamav-data-empty.
* Sun Mar 13 2011 Jan-Frode Myklebust <janfrode at tanso.net> - 0.97-4
- Add back clamd-wrapper to stay compatible with users
  of old packaging (amavisd-new).
* Wed Feb 23 2011 Nick Bebout <nb at fedoraproject.org> - 0.097-3
- Move db to /var/lib/clamav
- Ship empty directory /etc/clamd.d for amavisd-new
* Thu Feb 17 2011 Kevin Fenzi <kevin at tummy.com> - 0.97-2
- Disable llvm.
* Tue Feb  8 2011 Kevin Fenzi <kevin at tummy.com> - 0.97-1
- Update to 0.97
- Fix up for current guidelines.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #579370 - Update to newest version 0.96
        https://bugzilla.redhat.com/show_bug.cgi?id=579370
  [ 2 ] Bug #667203 - CVE-2010-1639 Clam AntiVirus: Heap-based overflow, when processing malicious PDF file(s) [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=667203
  [ 3 ] Bug #655636 - clamav-scanner, clamav-scanner-sysvinit in EPEL
        https://bugzilla.redhat.com/show_bug.cgi?id=655636
  [ 4 ] Bug #580676 - CVE-2010-0098 CVE-2010-1311 Multiple clamav vulnerabilities [Fedora all]
        https://bugzilla.redhat.com/show_bug.cgi?id=580676
  [ 5 ] Bug #679793 - CVE-2011-1003 clamav: Double free error by reading VBA project strings [epel-4]
        https://bugzilla.redhat.com/show_bug.cgi?id=679793
  [ 6 ] Bug #538425 - Wrong milter.conf file template in clamav-milter
        https://bugzilla.redhat.com/show_bug.cgi?id=538425
  [ 7 ] Bug #495502 - 0.95.1 is busted
        https://bugzilla.redhat.com/show_bug.cgi?id=495502
  [ 8 ] Bug #679794 - CVE-2011-1003 clamav: Double free error by reading VBA project strings [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=679794
--------------------------------------------------------------------------------


================================================================================
 cvsps-2.2-0.8.b1.el5 (FEDORA-EPEL-2011-2840)
 Patchset tool for CVS
--------------------------------------------------------------------------------
Update Information:

Updates EPEL 5's cvsps to the latest from Fedora
--------------------------------------------------------------------------------
ChangeLog:

* Mon Feb 14 2011 Honza Horak <hhorak at redhat.com> - 2.2-0.8.b1
- Patch to fix buffer overflow.
- https://bugzilla.redhat.com/show_bug.cgi?id=576076
* Tue Feb  8 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org>
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Tue May 18 2010 Ville Skyttä <ville.skytta at iki.fi> - 2.2-0.6.b1
- Patch to fix man page formatting errors.
--------------------------------------------------------------------------------


================================================================================
 drupal6-authfas-0.2.2-1.el5 (FEDORA-EPEL-2011-2847)
 Drupal 6 module for authentication via a Fedora Account System
--------------------------------------------------------------------------------
Update Information:

New upstream release includes an option to trust invalid SSL certs, for testing purposes.

--------------------------------------------------------------------------------


================================================================================
 drupal6-authfas-0.2.3-1.el5 (FEDORA-EPEL-2011-2857)
 Drupal 6 module for authentication via a Fedora Account System
--------------------------------------------------------------------------------
Update Information:

Includes an option for testing with invalid SSL certificates
--------------------------------------------------------------------------------


================================================================================
 drupal6-feeds-1.0-0.6.beta10.el5 (FEDORA-EPEL-2011-2843)
 An import and aggregation framework for Drupal
--------------------------------------------------------------------------------
Update Information:

Feeds is an import and aggregation framework for Drupal.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #654047 - Review Request: drupal6-feeds - An import and aggregation framework for Drupal.
        https://bugzilla.redhat.com/show_bug.cgi?id=654047
--------------------------------------------------------------------------------


================================================================================
 dwarves-1.9-2.el5 (FEDORA-EPEL-2011-2851)
 Debugging Information Manipulation Tools
--------------------------------------------------------------------------------
Update Information:

A set of tools to use the debugging DWARF data in binaries
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #234667 - Review Request: dwarves - DWARF Tools
        https://bugzilla.redhat.com/show_bug.cgi?id=234667
--------------------------------------------------------------------------------


================================================================================
 pam_afs_session-2.2-4.el5 (FEDORA-EPEL-2011-2852)
 AFS PAG and AFS tokens on login
--------------------------------------------------------------------------------
Update Information:

New Release. pam-afs-session is a PAM module intended for use with a Kerberos v5 PAM module to obtain an AFS PAG (Process Authentication Group) and AFS tokens on login. It puts every new session in a PAG regardless of whether it was authenticated with Kerberos and runs a configurable external program to obtain tokens.
--------------------------------------------------------------------------------


================================================================================
 perl-VOMS-Lite-0.12-1.el5 (FEDORA-EPEL-2011-2849)
 Perl extension for VOMS Attribute certificate creation
--------------------------------------------------------------------------------
Update Information:

VOMS (virtual organisation membership service) is a system for managing grid level authorization data within multi-institutional collaborations via membership and roles within that membership.

VOMS::Lite provides a perl library and client tools for interacting with an existing voms service including the well known C impementation of voms.
VOMS (virtual organisation membership service) is a system for managing grid level authorization data within multi-institutional collaborations via membership and roles within that membership.

VOMS::Lite provides a perl library and client tools for interacting with an existing voms service including the well known C impementation of voms.
VOMS (virtual organisation membership service) is a system for managing grid level authorization data within multi-institutional collaborations via membership and roles within that membership.

VOMS::Lite provides a perl library and client tools for interacting with an existing voms service including the well known C impementation of voms.
VOMS (virtual organisation membership service) is a system for managing grid level authorization data within multi-institutional collaborations via membership and roles within that membership.

VOMS::Lite provides a perl library and client tools for interacting with an existing voms service including the well known C impementation of voms.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #565949 - Review Request: perl-VOMS-Lite - Perl extension for VOMS Attribute certificate creation
        https://bugzilla.redhat.com/show_bug.cgi?id=565949
--------------------------------------------------------------------------------


================================================================================
 rxtx-2.2-0.4.20100211.el5 (FEDORA-EPEL-2011-2839)
 Parallel communication for the Java Development Toolkit
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 17 2011 Levente Farkas <lfarkas at lfarkas.org> - 2.2-0.4.20100211
- fix fhs_lock  #666761
* Wed Feb  9 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.2-0.3.20100211.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Tue Nov  9 2010 Levente Farkas <lfarkas at lfarkas.org> - 2.2-0.3.20100211
- fix lock dir location #650849
* Tue Mar 30 2010 Dennis Gilmore <dennis at ausil.us> - 2.2-0.2.20100211
- apply patch from Patrick Ale excluding the inclusion of sys/io.h on sparc
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #666761 - buffer overflow in fhs_lock
        https://bugzilla.redhat.com/show_bug.cgi?id=666761
--------------------------------------------------------------------------------





More information about the epel-devel-list mailing list